Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/Do0JSgiNCqriv80PIhtwMnexSNc.roa
File: Do0JSgiNCqriv80PIhtwMnexSNc.roa (raw, json)
Hash identifier: RwQMBdH7IsYN85P3xCXPyoXK0UkudDgkL+/EfmT5Xt0=
Subject key identifier: 0E:8D:09:4A:08:8D:0A:AA:E2:BF:CD:0F:22:1B:70:32:77:B1:48:D7
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018CC348EFAAE14742639D158CA92CB6F7C8
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/Do0JSgiNCqriv80PIhtwMnexSNc.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202940
IP address blocks: 84.108.143.0/24 maxlen: 24
84.108.142.0/24 maxlen: 24
84.108.142.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ef:aa:e1:47:42:63:9d:15:8c:a9:2c:b6:f7:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e8d094a088d0aaae2bfcd0f221b703277b148d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:50:83:ec:23:74:ab:c2:cf:64:e7:0c:68:32:
00:c1:b2:6e:fa:2f:40:bc:97:aa:ea:b9:35:35:f7:
78:bb:e8:3f:92:f5:e8:a3:0e:c9:b3:ff:f1:2f:47:
10:e3:aa:25:fb:c3:07:e5:ee:72:85:d2:1c:52:b3:
52:6a:8c:78:96:b0:71:d4:b4:6d:a7:79:61:3e:f7:
94:bd:bc:8c:e9:aa:ee:6f:95:48:f8:ea:89:7a:f1:
12:b5:ec:2a:ee:7d:ee:08:86:9d:62:81:bb:90:3e:
b8:83:55:f4:36:e8:90:1e:3a:8e:e0:a6:07:fa:9a:
4d:27:4c:e9:ee:b2:98:52:f6:21:80:73:44:44:76:
eb:dc:33:0a:03:52:6a:a5:30:a4:f5:8d:91:76:79:
ab:39:26:8d:01:0a:19:d7:57:31:72:50:33:47:fa:
27:75:78:5d:85:7a:58:27:e0:ce:ed:9b:1e:54:d0:
42:9e:1b:d4:8c:68:2b:90:ff:10:f9:b8:3e:ac:87:
d3:10:97:33:16:90:49:f3:dc:dd:53:02:31:85:d1:
3f:9f:2f:7f:c6:6d:19:d8:6f:0b:2b:99:da:84:6a:
dc:fe:19:74:c2:e7:5f:fd:0d:dd:e2:81:f8:4e:82:
ed:d0:c4:37:b3:90:28:a3:0f:63:a6:72:10:cb:fd:
f7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8D:09:4A:08:8D:0A:AA:E2:BF:CD:0F:22:1B:70:32:77:B1:48:D7
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/Do0JSgiNCqriv80PIhtwMnexSNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.108.142.0/23
Signature Algorithm: sha256WithRSAEncryption
75:92:67:e5:d4:4d:64:e2:da:f2:ad:33:73:9f:6f:40:f7:c2:
8f:ee:da:89:e5:dd:38:37:d1:d6:70:4c:0f:e2:bb:20:b3:98:
12:0a:79:85:6e:2f:fd:85:8e:59:ae:d5:25:bb:2b:b7:75:94:
5b:37:88:b4:54:a8:1d:aa:5c:9b:0c:83:10:6f:16:8f:1d:dd:
b4:71:07:ed:92:47:d4:70:7b:d0:3d:de:b2:76:73:76:9e:c7:
52:e1:03:b4:c6:51:ce:7d:a5:d0:51:6b:78:c2:e9:0f:b2:c0:
ad:b7:26:44:90:8e:6e:a0:19:27:65:89:56:fc:76:a2:2c:81:
b5:9d:70:05:c7:c3:c4:11:c0:8d:8e:f7:b1:ae:69:dc:25:c1:
55:32:7e:58:28:b3:04:9f:fd:c5:a0:ce:ef:6c:d0:7b:4d:f2:
80:16:e7:03:57:15:64:2e:f7:1a:a4:d7:27:69:c6:ea:f3:4f:
d8:07:b6:4b:e1:80:b7:05:8c:11:5f:06:a8:40:98:75:c9:a3:
2c:81:d3:2d:fe:f1:5b:2d:1a:eb:36:bb:57:e7:6a:82:fd:2e:
03:dc:54:ca:cb:22:d6:7a:26:41:b6:4f:8c:6c:bf:a8:7d:70:
1e:3e:04:0f:01:63:32:ef:12:18:b0:ea:ef:60:f4:c3:95:33:
9d:37:8c:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSO+q4UdCY50VjKkstvfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThkMDk0YTA4OGQwYWFhZTJiZmNkMGYyMjFiNzAzMjc3YjE0OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlCD7CN0q8LPZOcMaDIAwbJu+i9A
vJeq6rk1Nfd4u+g/kvXoow7Js//xL0cQ46ol+8MH5e5yhdIcUrNSaox4lrBx1LRt
p3lhPveUvbyM6arub5VI+OqJevEStewq7n3uCIadYoG7kD64g1X0NuiQHjqO4KYH
+ppNJ0zp7rKYUvYhgHNERHbr3DMKA1JqpTCk9Y2RdnmrOSaNAQoZ11cxclAzR/on
dXhdhXpYJ+DO7ZseVNBCnhvUjGgrkP8Q+bg+rIfTEJczFpBJ89zdUwIxhdE/ny9/
xm0Z2G8LK5nahGrc/hl0wudf/Q3d4oH4ToLt0MQ3s5Aoow9jpnIQy/33IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6NCUoIjQqq4r/NDyIbcDJ3sUjXMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvRG8wSlNnaU5DcXJpdjgwUElodHdNbmV4U05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVGyOMA0G
CSqGSIb3DQEBCwUAA4IBAQB1kmfl1E1k4tryrTNzn29A98KP7tqJ5d04N9HWcEwP
4rsgs5gSCnmFbi/9hY5ZrtUluyu3dZRbN4i0VKgdqlybDIMQbxaPHd20cQftkkfU
cHvQPd6ydnN2nsdS4QO0xlHOfaXQUWt4wukPssCttyZEkI5uoBknZYlW/HaiLIG1
nXAFx8PEEcCNjvexrmncJcFVMn5YKLMEn/3FoM7vbNB7TfKAFucDVxVkLvcapNcn
acbq80/YB7ZL4YC3BYwRXwaoQJh1yaMsgdMt/vFbLRrrNrtX52qC/S4D3FTKyyLW
eiZBtk+MbL+ofXAePgQPAWMy7xIYsOrvYPTDlTOdN4wV
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:11:07 2024 by rpki-client on console-fra.rpki-client.org